Re: Using nicknames on planet?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


>> As do I, and frankly can't figure out the purpose of unrecognizable
>> nicknames, but then again, I don't understand key signing parties
>> either.
>
> My understanding of them comes under the heading of security theater,
> in that they protect against a pretty uncommon threat and the step
> taken to mitigate this threat is about on the level of seizing water
> bottles in airports.

Actually, key signing parties are very useful. Being able to securely 
communicate with other people, with a certain level of guarantee 
that you are speaking with the correct person, is important, but there 
is another advantage: digital signatures. People who have met me and 
signed my key, for example, can be really damn sure that the Postgres 
tarballs they downloaded are the same ones I encountered at a certain 
point in time, and that I created the exact checksums listed, i.e.

http://www.gtsm.com/postgresql-20100518.gpg.txt

Personally, I'm a lot more worried about someone slipping a bogus 
tarball into random mirror X than about encrypting email to the 
wrong person, but it's nice to know that PGP is able to counter 
both those problems.

- -- 
Greg Sabino Mullane greg@turnstep.com
PGP Key: 0x14964AC8 201005180104
http://biglumber.com/x/web?pk=2529DF6AB8F79407E94445B4BC9B906714964AC8
-----BEGIN PGP SIGNATURE-----

iEYEAREDAAYFAkvyIKoACgkQvJuQZxSWSsjHugCghVFYUXF6k25UUSYEev7OuIHV
uWoAnjy3Du8cVXssyRqhu/o7ny/2s5aK
=+alC
-----END PGP SIGNATURE-----